<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>无标题文档</title>
</head>

<body>
<?php 
  
 if($_POST['user_name']!=""&&$_POST['user_psw']!=""){
	 $user_name=$_POST['user_name'];
	 $user_psw=$_POST['user_psw'];
	 if(isset($_POST['isAdmin'])){
		if($user_name=="admin"&&$user_psw=="admin"){
			session_start();
			$_SESSION['user_name']=$_POST['user_name'];
			$_SESSION['user_psw']=$_POST['user_psw'];
			echo "<script> alert('管理员登录成功！');
			window.location.href='../view/allComments.php';
			</script>";
		}
		else{
			echo "<script> alert('对不起，你不是管理员！');
			window.location.href='../index.php';
			</script>";
		}
	 }
	 else{
		 $conn=mysql_connect("localhost","root","root") or die("数据库连接失败！");
		 mysql_select_db("guestbook",$conn) or die("选择数据库失败！");
		 $result=mysql_query("select * from userinfo where username='$user_name'");
		 if($result){
			 $row=mysql_fetch_array($result);
			 mysql_close($conn);
			 if($row['userpsw']==$user_psw){
				 session_start();
				 $_SESSION['user_name']=$_POST['user_name'];
				 $_SESSION['user_psw']=$_POST['user_psw'];
				 echo "<script> alert('登录成功！');
				window.location.href='../view/allComments.php';
				</script>";
			 }
			 else{
				echo "<script> alert('用户名错误！');
				window.location.href='../index.php';
				</script>";
			}
		 }else{
			 echo "<script> alert('密码错误！');
				window.location.href='../index.php';
				</script>";
		 }
	 }
 	
 }
 else{
		echo " <script> alert('用户名或密码为空');
		window.location.href='../index.php';
		</script>" ;		
 }
 ?>
</body>
</html>